mirrors/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-03-28 22:35:31 +00:00
Code Issues Projects Releases Packages Wiki Activity
forgejo/models/user
History
forgejo-backport-action 932afb2036 [v10.0/forgejo] fix: delay deleting authorization token (#6976) 
**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6937

- 1ce33aa38d extended the LTA table with a purpose column so it could be extended to other tokens. However some are single-use tokens and should be deleted after use.
- This did not result in a good UX for activating user as they needed to also fill in their passwords and in the case that the password was incorrect the token would no longer be usable.
- This patch modifies the code to allow for a little delay before deleting authorization tokens to do additional verification such as the password check. This cannot be done before the authorization token check as that the authorization token determines who the user is.
- Resolves forgejo/forgejo#6912
- Adjusted existing unit test.

Co-authored-by: Gusted <postmaster@gusted.xyz>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6976
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org>
Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org>
2025-02-19 07:06:01 +00:00
..
fixtures Implement remote user login source and promotion to regular user 2024-04-25 13:03:49 +02:00
avatar.go
badge.go
block.go
block_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
email_address.go fix: Allow Organisations to remove the Email Address (#5517) 2024-11-20 12:31:34 +00:00
email_address_test.go fix: Allow Organisations to remove the Email Address (#5517) 2024-11-20 12:31:34 +00:00
error.go
external_login_user.go fix: Revert "allow synchronizing user status from OAuth2 login providers (#31572)" 2024-12-12 05:59:06 +01:00
federated_user.go initial 2024-05-16 08:15:43 +02:00
federated_user_test.go initial 2024-05-16 08:15:43 +02:00
follow.go
follow_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
list.go
main_test.go
must_change_password.go
openid.go
openid_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
redirect.go
redirect_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
search.go [v10.0/forgejo] fix: check for webauthn in 2fa user search (#6730) 2025-01-29 19:28:12 +00:00
setting.go
setting_keys.go Add codespell support and fix a good number of typos with its help (#3270) 2024-05-09 13:49:37 +00:00
setting_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
user.go [v10.0/forgejo] fix: delay deleting authorization token (#6976) 2025-02-19 07:06:01 +00:00
user_repository.go initial 2024-05-16 08:15:43 +02:00
user_system.go activitypub: Implement an instance-wide actor 2024-08-05 10:50:26 +02:00
user_test.go [v10.0/forgejo] fix: delay deleting authorization token (#6976) 2025-02-19 07:06:01 +00:00
user_update.go